/**
 * 
 */
package us.gaaoc.framework.webapp.phaselisteners;

import java.util.List;

import javax.faces.application.NavigationHandler;
import javax.faces.context.FacesContext;
import javax.faces.event.PhaseEvent;
import javax.faces.event.PhaseId;
import javax.faces.event.PhaseListener;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;

import us.gaaoc.framework.model.Person;
import us.gaaoc.framework.model.Roles;

/**
 * @author tapshals
 * 
 */
public class RoleManagerPhaseListener implements PhaseListener {

	/** Generated Serial Version UID */
	private static final long serialVersionUID = -2633414092472466318L;
	private static final Logger LOG = Logger
			.getLogger(RoleManagerPhaseListener.class);

	public void afterPhase(PhaseEvent phaseEvent) {
	}

	public void beforePhase(PhaseEvent phaseEvent) {
		FacesContext facesContext = FacesContext.getCurrentInstance();

		NavigationHandler nh = facesContext.getApplication()
				.getNavigationHandler();
		
		if (facesContext.getViewRoot() != null) {
			String viewId = facesContext.getViewRoot().getViewId();

			Person person = (Person) facesContext.getExternalContext()
					.getSessionMap().get("person");
			//If person doesn't exist then redirect to the index page
			if (person != null) {
				/* If the page is from the profile directory then allow to 
				navigate that person */
				if(!(viewId.matches("/secure/profile.*"))){
							
				List<Roles> role = person.getRoles();
				
				for (Roles r : role) {
				/* 
				 * If the person's role is not admin and accessing the page
				 * from admin directory then log out that person for security
				 */
					if (viewId.matches("/secure/admin.*")) {
						if (!r.getRole().contains("admin")) {
							LOG.debug("Person is not logged in as Admin......");
							HttpSession httpSession = (HttpSession) facesContext
									.getExternalContext().getSession(false);
							httpSession.invalidate();
							nh.handleNavigation(facesContext, null, "logOut");
						}
					}
				}
				for (Roles r : role) {
					/*
					 * If the person's role is not clerk and trying to access the 
					 * page from the clerk's directory then log out that person
					 */
					if (viewId.matches("/secure/clerk.*")) {
						if (!r.getRole().contains("clerk")) {
							LOG.debug("Person is not logged in as Clerk......");
							HttpSession httpSession = (HttpSession) facesContext
									.getExternalContext().getSession(false);
							httpSession.invalidate();
							nh.handleNavigation(facesContext, null, "logOut");
						}
					}
					break;
				}

				for (Roles r : role) {
					if (viewId.matches("/secure/public.*")) {
						if (r.getRole().contains("public")) {
						}
						else{
							LOG.debug("Person is not logged in as Public......");
							HttpSession httpSession = (HttpSession) facesContext
									.getExternalContext().getSession(false);
							httpSession.invalidate();
							nh.handleNavigation(facesContext, null, "logOut");
						}
					}
					break;
				}
				
				for (Roles r : role) {
					if (viewId.matches("/secure/judge.*")) {
						if (r.getRole().contains("judge")) {
						}
						else{
							LOG.debug("Person is not logged in as Judge......");
							HttpSession httpSession = (HttpSession) facesContext
									.getExternalContext().getSession(false);
							httpSession.invalidate();
							nh.handleNavigation(facesContext, null, "logOut");
						}
					}
					break;
				}
				
				for (Roles r : role) {
					if (viewId.matches("/secure/attorney.*")) {
						if (r.getRole().contains("attorney")) {
						}
						else{
							LOG.debug("Person is not logged in as Attorney......");
							HttpSession httpSession = (HttpSession) facesContext
									.getExternalContext().getSession(false);
							httpSession.invalidate();
							nh.handleNavigation(facesContext, null, "logOut");
						}
					}
					break;
				}
			}

		}
		}
	}
	public PhaseId getPhaseId() {
		return PhaseId.RENDER_RESPONSE;
	}
}
